$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/A6A53FA2D67E11EEAA2CA218C4F9AE02.roa File: A6A53FA2D67E11EEAA2CA218C4F9AE02.roa (raw, json) Hash identifier: HeeBDJcwhy8+V+2Cg9KYbQ3U6GO/s9+NiHEgSW8cWgU= Subject key identifier: D3:FB:61:0F:4D:9A:B3:DD:32:7D:EC:54:96:22:3D:BE:D1:CD:16:89 Certificate issuer: /CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248 Certificate serial: 0BB9 Authority key identifier: B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/A6A53FA2D67E11EEAA2CA218C4F9AE02.roa Signing time: Tue 26 Nov 2024 18:57:36 +0000 ROA not before: Tue 26 Nov 2024 18:57:36 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 38565 IP address blocks: 36.252.0.0/15 maxlen: 23 36.253.19.0/24 maxlen: 24 36.253.26.0/24 maxlen: 24 43.243.96.0/22 maxlen: 24 49.126.0.0/16 maxlen: 20 103.38.196.0/22 maxlen: 24 116.68.208.0/21 maxlen: 24 2400:9500::/32 maxlen: 32 2400:9500:4000::/36 maxlen: 44 2400:9500:6000::/36 maxlen: 44 2400:9500:8000::/36 maxlen: 44 2400:9500:c000::/36 maxlen: 44 2400:9500:e000::/36 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:48:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3001 (0xbb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC966, serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248 Validity Not Before: Nov 26 18:57:36 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67461a1f-8608 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e8:dd:94:37:a0:ab:6b:36:b7:23:01:1a:17: 90:f9:00:b4:77:b3:f7:b1:c5:08:b6:28:c0:51:4d: b7:d9:bd:5c:7f:65:94:98:e3:cf:32:1f:f1:77:9e: 0a:cb:b3:b2:19:5f:7c:22:06:cf:55:f9:ed:b3:59: be:b2:9c:91:74:fc:fc:97:8b:ce:91:4b:2c:c0:51: a4:ca:e3:a7:33:20:09:af:d0:1b:7b:d1:eb:96:ce: 1e:3e:99:8e:1a:20:a4:3e:99:40:9f:e8:24:d0:2e: c2:21:28:96:d4:24:b3:6a:f7:ed:af:aa:7b:dc:1d: bd:eb:58:6a:9a:41:bb:43:c8:20:cf:d8:e2:b6:8f: a8:fc:2c:42:a4:61:2b:c5:9a:1a:84:2e:bb:02:8c: a7:60:ec:23:3d:d1:68:40:2f:a1:87:a0:ed:fb:43: 62:2b:42:bc:da:55:29:89:3a:9f:81:17:28:ce:40: f3:b5:84:84:33:cf:ae:81:a1:62:2c:b3:d0:42:80: 57:b0:ec:f8:fa:3e:a1:24:8a:97:ff:fc:ff:0e:9c: f4:f5:75:9e:ad:01:05:6e:13:1a:f0:48:71:67:82: fe:15:d7:c3:c9:98:0f:20:41:c0:ed:ff:25:f0:8c: 68:e7:06:96:b1:79:75:df:54:a4:d9:59:3e:7f:34: ef:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:FB:61:0F:4D:9A:B3:DD:32:7D:EC:54:96:22:3D:BE:D1:CD:16:89 X509v3 Authority Key Identifier: keyid:B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/A6A53FA2D67E11EEAA2CA218C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.252.0.0/15 43.243.96.0/22 49.126.0.0/16 103.38.196.0/22 116.68.208.0/21 IPv6: 2400:9500::/32 Signature Algorithm: sha256WithRSAEncryption 74:b4:d0:4d:59:44:df:ad:de:cc:51:56:a5:6b:d6:10:e5:64: e0:64:2c:09:6b:91:bf:06:88:02:9d:7f:23:b9:a7:f2:78:a5: b8:bc:c8:fa:9f:aa:ba:22:ec:91:eb:de:d6:30:6f:70:2f:ef: cb:86:43:99:84:1f:4c:77:42:5e:fe:d6:fe:8a:2d:0e:96:d6: 58:6c:fd:99:bb:a9:a2:6a:28:25:3b:5d:9f:96:ee:e2:ce:8f: 43:96:22:9b:e0:6b:62:e8:63:40:e2:44:e6:7f:f1:69:e1:b3: a6:dc:0a:d8:7d:01:7b:85:89:58:87:f3:fc:05:77:0d:f2:8e: c8:e9:29:6c:d2:fc:2c:de:27:26:34:6b:ce:d4:c2:78:6d:29: 53:38:2d:f5:d3:70:17:76:af:83:a1:28:dc:9b:53:0c:56:60: fb:45:83:80:24:86:a7:9d:de:f4:9b:62:b9:da:a3:db:59:e2: 2d:33:df:7b:81:bf:34:93:1b:7e:3e:25:09:f9:83:45:96:ed: b5:d3:87:7d:65:13:9e:be:28:88:77:03:a0:b4:ba:a5:87:c3: 5f:9e:5b:df:6f:f5:91:a7:d7:80:89:47:a7:1b:41:78:d5:1c: b4:ac:e2:08:6d:f3:f7:f6:fd:03:2d:0b:c3:c4:3d:17:42:5f: f6:18:a0:24 -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICC7kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkM5NjYxMTAvBgNVBAUTKEIyQTI1RERFMUE5RUM5MUI1OTk4NkE1MzJGNzg4MzU0 MzYxODMyNDgwHhcNMjQxMTI2MTg1NzM2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzQ2MWExZi04NjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt+jdlDegq2s2tyMBGheQ+QC0d7P3scUItijAUU232b1cf2WUmOPPMh/xd54K y7OyGV98IgbPVfnts1m+spyRdPz8l4vOkUsswFGkyuOnMyAJr9Abe9Hrls4ePpmO GiCkPplAn+gk0C7CISiW1CSzavftr6p73B2961hqmkG7Q8ggz9jito+o/CxCpGEr xZoahC67AoynYOwjPdFoQC+hh6Dt+0NiK0K82lUpiTqfgRcozkDztYSEM8+ugaFi LLPQQoBXsOz4+j6hJIqX//z/Dpz09XWerQEFbhMa8EhxZ4L+FdfDyZgPIEHA7f8l 8Ixo5waWsXl131Sk2Vk+fzTvmQIDAQABo4ICujCCArYwHQYDVR0OBBYEFNP7YQ9N mrPdMn3sVJYiPb7RzRaJMB8GA1UdIwQYMBaAFLKiXd4anskbWZhqUy94g1Q2GDJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzk2Ni9BMTk1MkJBMjFD MTExMUVBQjZDM0M3NkRDNEY5QUUwMi9zcUpkM2hxZXlSdFptR3BUTDNpRFZEWVlN a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NxSmQzaHFleVJ0Wm1HcFRMM2lEVkRZWU1rZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkM5NjYvQTE5NTJCQTIxQzExMTFFQUI2QzNDNzZEQzRGOUFFMDIvQTZBNTNGQTJE NjdFMTFFRUFBMkNBMjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E NTAzMCIEAgABMBwDAwEk/AMEAivzYAMDADF+AwQCZybEAwQDdETQMA0EAgACMAcD BQAkAJUAMA0GCSqGSIb3DQEBCwUAA4IBAQB0tNBNWUTfrd7MUVala9YQ5WTgZCwJ a5G/BogCnX8juafyeKW4vMj6n6q6IuyR697WMG9wL+/LhkOZhB9Md0Je/tb+ii0O ltZYbP2Zu6miaiglO12flu7izo9DliKb4Gti6GNA4kTmf/Fp4bOm3ArYfQF7hYlY h/P8BXcN8o7I6Sls0vws3icmNGvO1MJ4bSlTOC3103AXdq+DoSjcm1MMVmD7RYOA JIannd70m2K52qPbWeItM997gb80kxt+PiUJ+YNFlu2104d9ZROeviiIdwOgtLql h8Nfnlvfb/WRp9eAiUenG0F41Ry0rOIIbfP39v0DLQvDxD0XQl/2GKAk -----END CERTIFICATE-----Generated at Sat Apr 26 13:02:22 2025 by rpki-client